xref: /freebsd/crypto/heimdal/lib/krb5/test_keytab.c (revision b1d046441de9053152c7cf03d6b60d9882687e1b)
1 /*
2  * Copyright (c) 2005 Kungliga Tekniska Högskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of KTH nor the names of its contributors may be
18  *    used to endorse or promote products derived from this software without
19  *    specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
22  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
25  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28  * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
30  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
31  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
32 
33 #include "krb5_locl.h"
34 #include <err.h>
35 
36 RCSID("$Id: test_keytab.c 18809 2006-10-22 07:11:43Z lha $");
37 
38 /*
39  * Test that removing an entry from an empty keytab doesn't corrupt
40  * memory.
41  */
42 
/*
 * Open the keytab named by `keytab`, ask it to delete an all-zero entry,
 * and close it again.
 *
 * context: initialised krb5 context used for every call.
 * keytab:  keytab name in "TYPE:residual" form, as passed by main().
 *
 * The removal is expected to find nothing to delete, so its status is
 * deliberately not examined; the point of the test is that the call and
 * the following close complete without damaging memory (which is only
 * observable under a memory checker or as a crash).  Failure to resolve
 * or close the keytab is reported through krb5_err() with exit status 1.
 */
static void
test_empty_keytab(krb5_context context, const char *keytab)
{
    krb5_keytab_entry blank;
    krb5_keytab kt;
    krb5_error_code rc;

    rc = krb5_kt_resolve(context, keytab, &kt);
    if (rc != 0) {
	krb5_err(context, 1, rc, "krb5_kt_resolve");
    }

    /* No principal, no key, vno 0: an entry that cannot match anything. */
    memset(&blank, 0, sizeof(blank));

    /* Result intentionally ignored, see the header comment. */
    krb5_kt_remove_entry(context, kt, &blank);

    rc = krb5_kt_close(context, kt);
    if (rc != 0) {
	krb5_err(context, 1, rc, "krb5_kt_close");
    }
}
62 
63 /*
64  * Test that memory keytabs are refcounted.
65  */
66 
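/*
 * Check handle lifetime for a named keytab.
 *
 * context: initialised krb5 context used for every call.
 * keytab:  name that is resolved three times: two overlapping handles,
 *          then a fresh handle after both have been closed.
 * keytab2: name of a second keytab that holds an unrelated entry while
 *          the first name is resolved again.
 *
 * Nothing is returned; any unexpected result is reported through
 * krb5_err()/krb5_errx() with exit status 1.
 *
 * What the assertions establish: an entry added through one handle is
 * still retrievable through a second handle after the first one is
 * closed, and is no longer retrievable once both handles are closed and
 * the name is resolved again.  For an in-memory keytab the second
 * property is the security-relevant one: the test expects stored keys to
 * become unreachable by name once the last handle is gone.
 */
static void
test_memory_keytab(krb5_context context, const char *keytab, const char *keytab2)
{
    krb5_error_code ret;
    krb5_keytab id, id2, id3;
    krb5_keytab_entry entry, entry2, entry3;

    /* First handle, populated with one freshly generated AES256 key. */
    ret = krb5_kt_resolve(context, keytab, &id);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_resolve");

    memset(&entry, 0, sizeof(entry));
    ret = krb5_parse_name(context, "lha@SU.SE", &entry.principal);
    if (ret)
	krb5_err(context, 1, ret, "krb5_parse_name");
    entry.vno = 1;
    ret = krb5_generate_random_keyblock(context,
					ETYPE_AES256_CTS_HMAC_SHA1_96,
					&entry.keyblock);
    if (ret)
	krb5_err(context, 1, ret, "krb5_generate_random_keyblock");

    /*
     * Check the store itself: if it failed silently, the lookups below
     * would fail under a misleading "krb5_kt_get_entry" message.
     */
    ret = krb5_kt_add_entry(context, id, &entry);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_add_entry");

    /* Second handle to the same name while the first is still open. */
    ret = krb5_kt_resolve(context, keytab, &id2);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_resolve");

    /* The entry must be visible through the first handle ... */
    ret = krb5_kt_get_entry(context, id,
			    entry.principal,
			    0,
			    ETYPE_AES256_CTS_HMAC_SHA1_96,
			    &entry2);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_get_entry");
    krb5_kt_free_entry(context, &entry2);

    ret = krb5_kt_close(context, id);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_close");

    /* ... and must survive that close, because id2 is still open. */
    ret = krb5_kt_get_entry(context, id2,
			    entry.principal,
			    0,
			    ETYPE_AES256_CTS_HMAC_SHA1_96,
			    &entry2);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_get_entry");
    krb5_kt_free_entry(context, &entry2);

    /* Last handle on `keytab` goes away here. */
    ret = krb5_kt_close(context, id2);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_close");

    /*
     * Populate a second, differently named keytab before the first name
     * is resolved again.  NOTE(review): presumably this guards against
     * the two names sharing storage; the source does not say so.
     */
    ret = krb5_kt_resolve(context, keytab2, &id3);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_resolve");

    memset(&entry3, 0, sizeof(entry3));
    ret = krb5_parse_name(context, "lha3@SU.SE", &entry3.principal);
    if (ret)
	krb5_err(context, 1, ret, "krb5_parse_name");
    entry3.vno = 1;
    ret = krb5_generate_random_keyblock(context,
					ETYPE_AES256_CTS_HMAC_SHA1_96,
					&entry3.keyblock);
    if (ret)
	krb5_err(context, 1, ret, "krb5_generate_random_keyblock");

    ret = krb5_kt_add_entry(context, id3, &entry3);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_add_entry");

    /* Fresh handle on the first name: the old entry must be gone. */
    ret = krb5_kt_resolve(context, keytab, &id);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_resolve");

    ret = krb5_kt_get_entry(context, id,
			    entry.principal,
			    0,
			    ETYPE_AES256_CTS_HMAC_SHA1_96,
			    &entry2);
    if (ret == 0)
	krb5_errx(context, 1, "krb5_kt_get_entry when if should fail");

    /*
     * The lookup above has just shown that the keytab does not hold this
     * entry, so the removal is expected to fail; its status is ignored
     * on purpose.
     */
    (void)krb5_kt_remove_entry(context, id, &entry);

    ret = krb5_kt_close(context, id);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_close");

    /* Releases the principal and key generated for `entry` above. */
    krb5_kt_free_entry(context, &entry);

    /*
     * NOTE(review): this removal should succeed since entry3 was stored
     * above; the status is left unchecked as in the original - confirm
     * whether the test should assert on it.
     */
    krb5_kt_remove_entry(context, id3, &entry3);

    ret = krb5_kt_close(context, id3);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_close");

    /*
     * entry3 is released field by field rather than with
     * krb5_kt_free_entry(); both paths hand the generated key back to
     * the library.  Whether the key bytes are wiped before release is
     * decided inside the library and is not visible from this file.
     */
    krb5_free_principal(context, entry3.principal);
    krb5_free_keyblock_contents(context, &entry3.keyblock);
}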
169 
/*
 * Test driver: set up a krb5 context, run the empty-keytab check against
 * each keytab type listed below, then run the handle-lifetime check on a
 * pair of in-memory keytabs.
 *
 * Returns 0 when every check passes; the checks themselves exit with
 * status 1 on failure.
 *
 * NOTE(review): "FILE:foo" has no directory component, so it presumably
 * refers to a file named `foo` in the current working directory - run
 * the test from a scratch directory.
 */
int
main(int argc, char **argv)
{
    static const char *const empty_cases[] = {
	"MEMORY:foo",
	"FILE:foo",
	"KRB4:foo"
    };
    krb5_context context;
    krb5_error_code rc;
    size_t i;

    setprogname(argv[0]);

    rc = krb5_init_context(&context);
    if (rc != 0) {
	/* No context yet, so the plain err.h reporter is used here. */
	errx (1, "krb5_init_context failed: %d", rc);
    }

    for (i = 0; i < sizeof(empty_cases) / sizeof(empty_cases[0]); i++) {
	test_empty_keytab(context, empty_cases[i]);
    }

    test_memory_keytab(context, "MEMORY:foo", "MEMORY:foo2");

    krb5_free_context(context);
    return 0;
}
192